1/* ====================================================================
2 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
3 *
4 * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
5 * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
6 * to the OpenSSL project.
7 *
8 * The ECC Code is licensed pursuant to the OpenSSL open source
9 * license provided below.
10 *
11 * The ECDH software is originally written by Douglas Stebila of
12 * Sun Microsystems Laboratories.
13 *
14 */
15/* ====================================================================
16 * Copyright (c) 2000-2002 The OpenSSL Project. All rights reserved.
17 *
18 * Redistribution and use in source and binary forms, with or without
19 * modification, are permitted provided that the following conditions
20 * are met:
21 *
22 * 1. Redistributions of source code must retain the above copyright
23 * notice, this list of conditions and the following disclaimer.
24 *
25 * 2. Redistributions in binary form must reproduce the above copyright
26 * notice, this list of conditions and the following disclaimer in
27 * the documentation and/or other materials provided with the
28 * distribution.
29 *
30 * 3. All advertising materials mentioning features or use of this
31 * software must display the following acknowledgment:
32 * "This product includes software developed by the OpenSSL Project
33 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
34 *
35 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
36 * endorse or promote products derived from this software without
37 * prior written permission. For written permission, please contact
38 * licensing@OpenSSL.org.
39 *
40 * 5. Products derived from this software may not be called "OpenSSL"
41 * nor may "OpenSSL" appear in their names without prior written
42 * permission of the OpenSSL Project.
43 *
44 * 6. Redistributions of any form whatsoever must retain the following
45 * acknowledgment:
46 * "This product includes software developed by the OpenSSL Project
47 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
48 *
49 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
50 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
51 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
52 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
53 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
54 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
55 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
56 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
57 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
58 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
59 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
60 * OF THE POSSIBILITY OF SUCH DAMAGE.
61 * ====================================================================
62 *
63 * This product includes cryptographic software written by Eric Young
64 * (eay@cryptsoft.com). This product includes software written by Tim
65 * Hudson (tjh@cryptsoft.com). */
66
67#ifndef OPENSSL_HEADER_ECDH_H
68#define OPENSSL_HEADER_ECDH_H
69
70#include <openssl/base.h>
71
72#include <openssl/ec_key.h>
73
74#if defined(__cplusplus)
75extern "C" {
76#endif
77
78
79// Elliptic curve Diffie-Hellman.
80
81
82// ECDH_compute_key calculates the shared key between |pub_key| and |priv_key|.
83// If |kdf| is not NULL, then it is called with the bytes of the shared key and
84// the parameter |out|. When |kdf| returns, the value of |*outlen| becomes the
85// return value. Otherwise, as many bytes of the shared key as will fit are
86// copied directly to, at most, |outlen| bytes at |out|. It returns the number
87// of bytes written to |out|, or -1 on error.
88OPENSSL_EXPORT int ECDH_compute_key(
89 void *out, size_t outlen, const EC_POINT *pub_key, const EC_KEY *priv_key,
90 void *(*kdf)(const void *in, size_t inlen, void *out, size_t *outlen));
91
92// ECDH_compute_key_fips calculates the shared key between |pub_key| and
93// |priv_key| and hashes it with the appropriate SHA function for |out_len|. The
94// only value values for |out_len| are thus 24 (SHA-224), 32 (SHA-256), 48
95// (SHA-384), and 64 (SHA-512). It returns one on success and zero on error.
96//
97// Note that the return value is different to |ECDH_compute_key|: it returns an
98// error flag (as is common for BoringSSL) rather than the number of bytes
99// written.
100//
101// This function allows the FIPS module to compute an ECDH and KDF within the
102// module boundary without taking an arbitrary function pointer for the KDF,
103// which isn't very FIPSy.
104OPENSSL_EXPORT int ECDH_compute_key_fips(uint8_t *out, size_t out_len,
105 const EC_POINT *pub_key,
106 const EC_KEY *priv_key);
107
108
109#if defined(__cplusplus)
110} // extern C
111#endif
112
113#define ECDH_R_KDF_FAILED 100
114#define ECDH_R_NO_PRIVATE_VALUE 101
115#define ECDH_R_POINT_ARITHMETIC_FAILURE 102
116#define ECDH_R_UNKNOWN_DIGEST_LENGTH 103
117
118#endif // OPENSSL_HEADER_ECDH_H
119